Field of the Invention
The present invention relates to systems and methods for the secure provision of services to devices and in particular to a method and apparatus for embedding and using secret information in digital certificates.
Description of the Related Art
The widespread availability of digital means for disseminating information has placed increasing emphasis on assuring the authenticity of a digital message, document, or data before providing access to other data. Authentication may be used as part of a conditional access or digital rights management (DRM) scheme that protects information by requiring certain criteria to be met before the content can be stored, copied, played back, or otherwise used. The ability to satisfy these criteria is controlled so that only those entities authorized to use the information are able to do so.
Authentication of the source of information assures the recipient that the apparent or represented source is indeed the actual source. One of the techniques used for both conditional access and authentication is a public-key infrastructure (PKI).
In typical public-key infrastructure (PKI) usage, a digital certificate is used to cryptographically bind the identity of an entity (e.g. a device) to an associated public key of an asymmetric cryptographic algorithm, such as RSA or elliptic curve cryptography (ECC). At a minimum the certificate includes the identity of the entity, the public key, and a signature over those parameters by the issuing authority, typically referred to as a Certificate Authority (CA).
One of the problems with digital certificates is that the standard procedures for revoking licenses or conditional access system permissions cannot easily be re-used in systems whose cryptographic secrets are based on symmetric algorithms. For example, with traditional asymmetric-key digital certificates, an efficient way to revoke devices is to group them by Sub-CA, so that devices of the same class or model are issued certificates from the same Sub-CA. In case of revocation, the corresponding Sub-CA can be revoked rather than each individual device. This mechanism, however, is not directly usable in systems where devices make use of symmetric cryptographic secrets.
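The Sub-CA grouping described above, as an added example that is not part of the patent text: a root CA issues one Sub-CA per device model, each Sub-CA issues device certificates, and the verifier rejects a device whenever any certificate on its chain appears in the revocation set, so revoking one Sub-CA cuts off the whole model. It uses Go's standard crypto/x509 package; the names, serial numbers and the `revoked` map (a stand-in for a CRL) are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue signs a certificate for a fresh P-256 key with parentKey; a nil parent
// yields a self-signed root. Serials and names are constructed sample values.
func issue(serial int64, cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, // Verify only accepts IsCA certificates as issuers
	}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed root
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// revoked is a constructed stand-in for a CRL, keyed by issuer DN and serial number.
type revoked map[string]bool

func revKey(c *x509.Certificate) string { return c.Issuer.String() + "/" + c.SerialNumber.String() }

// authorized validates the chain device -> sub-CA -> root and rejects the device if
// any certificate on it is revoked: revoking one sub-CA cuts off every device it issued.
func authorized(dev, sub, root *x509.Certificate, rev revoked) bool {
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inter.AddCert(sub)
	chains, err := dev.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inter})
	if err != nil {
		return false // signature, validity period or issuer chain failed
	}
	for _, c := range chains[0] {
		if rev[revKey(c)] {
			return false // device, sub-CA or root is on the revocation list
		}
	}
	return true
}
```

Devices under a different, unrevoked Sub-CA continue to validate, which is exactly the per-class revocation the symmetric-key case lacks.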
What is needed is a system and method by which a group of devices that use symmetric keys for authorization can be revoked by revoking the Sub-CA-issued digital certificates in the chain of trust, rather than by revoking the authorization of each individual device. The present invention satisfies this need.